EasyManuals Logo
Home>Cisco>Firewall>5510 - ASA SSL / IPsec VPN Edition

Cisco 5510 - ASA SSL / IPsec VPN Edition User Manual

Cisco 5510 - ASA SSL / IPsec VPN Edition
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1684 background imageLoading...
Page #1684 background image
1-50
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Connection Profiles, Group Policies, and Users
Group Policies
Specifying VPN Access Hours for a Group Policy
Prerequisites
Create a time range. See “Configuring Time Ranges” section on page 17-18.”
Detailed Steps
Specifying Simultaneous VPN Logins for a Group Policy
Specify the number of simultaneous logins allowed for any user, using the vpn-simultaneous-logins
command in group-policy configuration mode.
hostname(config-group-policy)# vpn-simultaneous-logins integer
The default value is 3. The range is an integer in the range 0 through 2147483647. A group policy can
inherit this value from another group policy. Enter 0 to disable login and prevent user access. The
following example shows how to allow a maximum of 4 simultaneous logins for the group policy named
FirstGroup:
hostname(config)# group-policy FirstGroup attributes
hostname(config-group-policy)# vpn-simultaneous-logins 4
hostname(config-group-policy)#
Note While the maximum limit for the number of simultaneous logins is very large, allowing several
simultaneous logins could compromise security and affect performance.
Command Purpose
Step 1
group-policy value attributes
Example:
hostname> en
hostname# config t
hostname(config)# group-policy FirstGroup attributes
hostname(config-group-policy)#
Enter group policy configuration mode.
Step 2
hostname(config-group-policy)# vpn-access-hours value
{time-range-name | none}
Example:
hostname(config-group-policy)# vpn-access-hours value
business-hours
hostname(config-group-policy)#
You can set the VPN access hours by associating a
configured time-range policy with a group policy
using the vpn-access-hours command in
group-policy configuration mode.
This command assigns a VPN access time range
named business-hours to the group policy named
FirstGroup.
A group policy can inherit a time-range value from
a default or specified group policy. To prevent this
inheritance, enter the none keyword instead of the
name of a time-range in this command. This
keyword sets VPN access hours to a null value,
which allows no time-range policy.

Table of Contents

Other manuals for Cisco 5510 - ASA SSL / IPsec VPN Edition

Preview: Configuration Guide
Configuration Guide1822 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 5510 - ASA SSL / IPsec VPN Edition and is the answer not in the manual?

Cisco 5510 - ASA SSL / IPsec VPN Edition Specifications

General IconGeneral
BrandCisco
Model5510 - ASA SSL / IPsec VPN Edition
CategoryFirewall
LanguageEnglish

Related product manuals